Help me with posting with Net::HTTP

Question

I am using a third-party API (Spreadshirt's API) and in order to perform a basket creation, I need to send an xml through a POST request. I am trying to do this with the available Net::HTTP functions and this is how I am doing it

def get_session
      @time = Time.now.to_i * 1000 #get the current time as integer
      @sha1 = Digest::SHA1.hexdigest("POST http://api.spreadshirt.com/api/v1/baskets #{@time} #{ENV['SPREADSHIRT_SECRET_KEY']}") #encrypt the signature

      @http = Net::HTTP.new("http://api.spreadshirt.com")
      @path = "/api/v1/baskets?apiKey=#{ENV['SPREADSHIRT_API_KEY']}&sig=#{@sha1}&time=#{@time}"

      @payload = "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>
      <basket xmlns:xlink=\"http://www.w3.org/1999/xlink\" xmlns=\"http://api.spreadshirt.net\"&gt;
      </basket>"

      @response = @http.request_post(@path, @payload)
  end

time => "The timestamp as milliseconds used in signature, e.g. 1240575575156."

sig =>"The signature as SHA-1 as Hex of string 'METHOD URL_WITHOUT_QUERY TIMESTAMP SECRET', e.g. 'POST http://localhost:8080/api/v1/users/42/productPriceCalculator 1240575575156 987654321'.(use your own secret on live system)."

apiKey => "The requested API key, e.g. 123456789 (use your own key on live system)."

More about the spec can be found on these links: http://api.spreadshirt.net/api/v1/metaData/api.html#N218D1 http://wiki.developer.spreadshirt.net/display/API/Basket+Resources

I am just wondering whether I have used the Net::HTTP function correctly or not assuming that I have used the correct secret key and api key.

EDIT:

The vendor has provided a sample code in PHP which can be found here http://spreadshirtapps.svn.sourceforge.net/viewvc/spreadshirtapps/php/sod/ the file sprd/CheckoutController.php is the one that is analogous to what I want to do.

Answer 1

Resource: I use the Net::HTTP Cheat Sheet

Answer:

Your code looks ok. Though I'm not sure why you're using so many instance variables instead of local vars.

What error are you receiving?

Added:

A 400 status code is "Bad Request" but more importantly, it is probably coming from the server's application, not the HTTP server itself (Apache, etc).

Suggestion:

Run the php example program they gave you. Make sure it works for the functions that you're trying to do from Ruby/Rails.

Then use Wireshark or other Ethernet peeker to see exactly what is being sent from the example client to the server and from your client to the server. Your task is to get your Ruby/Rails to do the exact same thing as their sample sw.

Setting the content-type as suggested by Harold L is a good idea.

But you also need to make sure your code exactly (down to the bit) emulates what their working example code does over the network. It is very common for the docs to not quite match the implementation, especially in an early api version like Spreadshirt's.

My guess is that they should be delighted that you're working in their api. They have every incentive to be helpful to you.

Good luck.

Answer 2

Many web services require you to tell them you're sending XML via the Content-Type header. For Net::HTTP try something like this:

url = "http://.../api/v1/baskets?..."
payload = "..."

require 'net/http'
request = Net::HTTP::Post.new(url)
request.add_field "Content-Type", "application/xml"
request.body = payload

uri = URI.parse(url)
http = Net::HTTP.new(uri.host, uri.port)
response = http.request(request)